[PATCH] Stop use after free

Richard Sharpe realrichardsharpe at gmail.com
Wed Sep 25 08:58:19 MDT 2013


On Wed, Sep 25, 2013 at 7:48 AM, Volker Lendecke
<Volker.Lendecke at sernet.de> wrote:
> On Wed, Sep 25, 2013 at 04:16:47PM +1000, Alistair Leslie-Hughes wrote:
>> Hi,
>>
>> The reply_arg variable can be use after it has been free. This is
>> just a copy from the source4 version.
>>
>> Should fix
>> https://bugzilla.samba.org/show_bug.cgi?id=10087
>
> While this looks good, it does fix two things. Why don't you
> just talloc_strdup session_info->unix_info->unix_name to
> state->gensec_state? Is session_info->unix_info->unix_name
> something different from the talloc_asprintf args?
>
> Trying to understand it :-)

Also, I think you should credit the guy who reported the bug because
he has the essential solution there.

-- 
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)


More information about the samba-technical mailing list